4d779ad89fc758a4380cdb91a199d259_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d779ad89fc758a4380cdb91a199d259_JaffaCakes118
Size

12KB
MD5

4d779ad89fc758a4380cdb91a199d259
SHA1

ae1c0b71c9c349453f39932111e608f673c6f4e5
SHA256

00680a5d40c68e508daac249d9d5eff4de1e4339e1ee48ad7669e471d3de0e9e
SHA512

957972f3c7c33eb71446d346a61f54ed5eee7986a3f16d3859073fa06ad0ed6f47403be489481f779cc1191d9f5c4e5ee24b1188f1723b092114f70f68ff00b8
SSDEEP

96:0P0DAji3zWmhXQo3uLmKQhko7OPxAxHkz9CojUDjB8br000BdhaNM4pDkpou:0cAgzWmx3um7eYEzFbr000l2tu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d779ad89fc758a4380cdb91a199d259_JaffaCakes118

Files

4d779ad89fc758a4380cdb91a199d259_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6671728d079ab0c983538f1f0fa51ba1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

rtl60.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@UnregisterModule$qqrp17System@TLibModule
@System@RegisterModule$qqrp17System@TLibModule
@System@FindHInstance$qqrpv
@System@@LStrFromPChar$qqrr17System@AnsiStringpc
@System@@LStrAsg$qqrpvpxv
@System@@LStrClr$qqrpv
@System@@HandleFinally$qqrv
@System@IsMemoryManagerSet$qqrv
@System@SetMemoryManager$qqrrx21System@TMemoryManager
@System@IsMultiThread
@System@IsConsole
@System@ExitProc
@System@CmdLine
@System@IsLibrary
@System@MainInstance
@Types@initialization$qqrv
@Types@Finalization$qqrv
@Sysconst@initialization$qqrv
@Sysconst@Finalization$qqrv
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Rtlconsts@initialization$qqrv
@Rtlconsts@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Typinfo@DotSep
@Typinfo@BooleanIdents

borlndmm

ord2

kernel32

FreeLibrary
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree

cc3260mt

@$bdele$qpv
@_CatchCleanup$qv
@_InitTermAndUnexPtrs$qv
@_ReThrowException$quipuc
__ErrorExit
___CRTL_MEM_GetBorMemPtrs
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
____ExceptionHandler
__argc
__argv
__argv_default_expand
__exitargv
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__wargv_default_expand
_getch
_memcpy
_strlen

stlpmt45

ord1091
ord179

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6671728d079ab0c983538f1f0fa51ba1

Headers

File Characteristics

Imports

rtl60.bpl

borlndmm

kernel32

cc3260mt

stlpmt45

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB